Multiple security flaws were found in the way Flash Player displayedcertain SWF content. An attacker could use these flaws to create aspecially-crafted SWF file that would cause flash-plugin to crash or,possibly, execute arbitrary code when the victim loaded a page containingthe specially-crafted SWF content. (CVE-2009-1862, CVE-2009-1863,CVE-2009-1864, CVE-2009-1865, CVE-2009-1866, CVE-2009-1868, CVE-2009-1869)

A clickjacking flaw was discovered in Flash Player. A specially-craftedSWF file could trick a user into unintentionally or mistakenly clicking alink or a dialog. (CVE-2009-1867)

A flaw was found in the Flash Player local sandbox. A specially-craftedSWF file could cause information disclosure when it was saved to the harddrive. (CVE-2009-1870)

All users of Adobe Flash Player should install this updated package, whichupgrades Flash Player to version 9.0.246.0.

4. Solution:

Before applying this update, make sure that all previously-releasederrata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to usethe Red Hat Network to apply this update are available athttp://kbase.redhat.com/faq/docs/DOC-11259